ok, nothing in those logs, post the combo and you cna try running a few rootkit scanners!
* Copy the contents of the code box below into notepad and save it as
findtheother.bat and save it to your desktop.
echo ** This batch was originally written by OSC **
cd C:\WINDOWS\system32\rfrnjyp
if exist C:\contents.txt del C:\contents.txt
echo ************************************>> C:\contents.txt
echo **These are the hidden files found**>> C:\contents.txt
echo ************************************>> C:\contents.txt
dir /a:h >> c:\contents.txt
echo ************************************>> C:\contents.txt
echo **These are the system files found**>> C:\contents.txt
echo ************************************>> C:\contents.txt
dir /a:s >> C:\contents.txt
attrib /d /s -s -r -h -a
start notepad c:\contents.txt
exit
Doubleclick the findtheother.bat file to run it. When it is done it will
open
a text file showing all hidden and system files in that folder. Post the
contents of that file in your next reply to this thread.
Download rkfiles
and unzip the contents to a new folder on your desktop.
* Unzip RKfiles.zip to the desktop
* Double-click RKFiles.bat to run it.
o It may take a while.
* When it is finished a window should appear with a log.
* Please copy the contents of the log and paste them here
o Note: the log with be saved at c:\log.txt
Download catchme.exe ( 25kB ) to your desktop.
Double click the catchme.exe to run it.
Open the catchme.log and copy and paste its contents here please
Also, please run Blacklight beta:
Don't let it fix anything but post the log it makes.
so, post the catchme log, the blacklight, the bat file, and the rkfile log!
Member of ASAP Alliance of Security Analysis Professionals
under the name khazars
